From de848d9e9146434817c65d74d1d0313e9d729462 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sat, 27 Apr 2024 14:01:37 +0200
Subject: Adding upstream version 1.4.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 modules/pam_unix/bigcrypt.c | 159 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 159 insertions(+)
 create mode 100644 modules/pam_unix/bigcrypt.c

(limited to 'modules/pam_unix/bigcrypt.c')

diff --git a/modules/pam_unix/bigcrypt.c b/modules/pam_unix/bigcrypt.c
new file mode 100644
index 0000000..e08e409
--- /dev/null
+++ b/modules/pam_unix/bigcrypt.c
@@ -0,0 +1,159 @@
+/*
+ * This function implements the "bigcrypt" algorithm specifically for
+ * Linux-PAM.
+ *
+ * This algorithm is algorithm 0 (default) shipped with the C2 secure
+ * implementation of Digital UNIX.
+ *
+ * Disclaimer: This work is not based on the source code to Digital
+ * UNIX, nor am I connected to Digital Equipment Corp, in any way
+ * other than as a customer. This code is based on published
+ * interfaces and reasonable guesswork.
+ *
+ * Description: The cleartext is divided into blocks of SEGMENT_SIZE=8
+ * characters or less. Each block is encrypted using the standard UNIX
+ * libc crypt function. The result of the encryption for one block
+ * provides the salt for the succeeding block.
+ *
+ * Restrictions: The buffer used to hold the encrypted result is
+ * statically allocated. (see MAX_PASS_LEN below).  This is necessary,
+ * as the returned pointer points to "static data that are overwritten
+ * by each call", (XPG3: XSI System Interface + Headers pg 109), and
+ * this is a drop in replacement for crypt();
+ *
+ * Andy Phillips <atp@mssl.ucl.ac.uk>
+ */
+
+#include "config.h"
+
+#include <string.h>
+#include <stdlib.h>
+#include <security/_pam_macros.h>
+#ifdef HAVE_LIBXCRYPT
+#include <xcrypt.h>
+#elif defined(HAVE_CRYPT_H)
+#include <crypt.h>
+#endif
+
+#include "bigcrypt.h"
+
+/*
+ * Max cleartext password length in segments of 8 characters this
+ * function can deal with (16 segments of 8 chars= max 128 character
+ * password).
+ */
+
+#define MAX_PASS_LEN       16
+#define SEGMENT_SIZE       8
+#define SALT_SIZE          2
+#define KEYBUF_SIZE        ((MAX_PASS_LEN*SEGMENT_SIZE)+SALT_SIZE)
+#define ESEGMENT_SIZE      11
+#define CBUF_SIZE          ((MAX_PASS_LEN*ESEGMENT_SIZE)+SALT_SIZE+1)
+
+char *bigcrypt(const char *key, const char *salt)
+{
+	char *dec_c2_cryptbuf;
+#ifdef HAVE_CRYPT_R
+	struct crypt_data *cdata;
+#endif
+	unsigned long int keylen, n_seg, j;
+	char *cipher_ptr, *plaintext_ptr, *tmp_ptr, *salt_ptr;
+	char keybuf[KEYBUF_SIZE + 1];
+
+	D(("called with key='%s', salt='%s'.", key, salt));
+
+	/* reset arrays */
+	dec_c2_cryptbuf = malloc(CBUF_SIZE);
+	if (!dec_c2_cryptbuf) {
+		return NULL;
+	}
+#ifdef HAVE_CRYPT_R
+	cdata = malloc(sizeof(*cdata));
+	if(!cdata) {
+		free(dec_c2_cryptbuf);
+		return NULL;
+	}
+	cdata->initialized = 0;
+#endif
+	memset(keybuf, 0, KEYBUF_SIZE + 1);
+	memset(dec_c2_cryptbuf, 0, CBUF_SIZE);
+
+	/* fill KEYBUF_SIZE with key */
+	strncpy(keybuf, key, KEYBUF_SIZE);
+
+	/* deal with case that we are doing a password check for a
+	   conventially encrypted password: the salt will be
+	   SALT_SIZE+ESEGMENT_SIZE long. */
+	if (strlen(salt) == (SALT_SIZE + ESEGMENT_SIZE))
+		keybuf[SEGMENT_SIZE] = '\0';	/* terminate password early(?) */
+
+	keylen = strlen(keybuf);
+
+	if (!keylen) {
+		n_seg = 1;
+	} else {
+		/* work out how many segments */
+		n_seg = 1 + ((keylen - 1) / SEGMENT_SIZE);
+	}
+
+	if (n_seg > MAX_PASS_LEN)
+		n_seg = MAX_PASS_LEN;	/* truncate at max length */
+
+	/* set up some pointers */
+	cipher_ptr = dec_c2_cryptbuf;
+	plaintext_ptr = keybuf;
+
+	/* do the first block with supplied salt */
+#ifdef HAVE_CRYPT_R
+	tmp_ptr = crypt_r(plaintext_ptr, salt, cdata);	/* libc crypt_r() */
+#else
+	tmp_ptr = crypt(plaintext_ptr, salt);	/* libc crypt() */
+#endif
+	if (tmp_ptr == NULL) {
+		free(dec_c2_cryptbuf);
+		return NULL;
+	}
+	/* and place in the static area */
+	strncpy(cipher_ptr, tmp_ptr, 13);
+	cipher_ptr += ESEGMENT_SIZE + SALT_SIZE;
+	plaintext_ptr += SEGMENT_SIZE;	/* first block of SEGMENT_SIZE */
+
+	/* change the salt (1st 2 chars of previous block) - this was found
+	   by dowsing */
+
+	salt_ptr = cipher_ptr - ESEGMENT_SIZE;
+
+	/* so far this is identical to "return crypt(key, salt);", if
+	   there is more than one block encrypt them... */
+
+	if (n_seg > 1) {
+		for (j = 2; j <= n_seg; j++) {
+
+#ifdef HAVE_CRYPT_R
+			tmp_ptr = crypt_r(plaintext_ptr, salt_ptr, cdata);
+#else
+			tmp_ptr = crypt(plaintext_ptr, salt_ptr);
+#endif
+			if (tmp_ptr == NULL) {
+				_pam_overwrite(dec_c2_cryptbuf);
+				free(dec_c2_cryptbuf);
+				return NULL;
+			}
+
+			/* skip the salt for seg!=0 */
+			strncpy(cipher_ptr, (tmp_ptr + SALT_SIZE), ESEGMENT_SIZE);
+
+			cipher_ptr += ESEGMENT_SIZE;
+			plaintext_ptr += SEGMENT_SIZE;
+			salt_ptr = cipher_ptr - ESEGMENT_SIZE;
+		}
+	}
+	D(("key=|%s|, salt=|%s|\nbuf=|%s|\n", key, salt, dec_c2_cryptbuf));
+
+#ifdef HAVE_CRYPT_R
+	free(cdata);
+#endif
+
+	/* this is the <NUL> terminated encrypted password */
+	return dec_c2_cryptbuf;
+}
-- 
cgit v1.2.3